Changeset 6990 for extensions/NBC_UserAdvManager/trunk/main.inc.php
- Timestamp:
- Sep 21, 2010, 10:57:10 PM (14 years ago)
- File:
-
- 1 edited
-
extensions/NBC_UserAdvManager/trunk/main.inc.php (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
extensions/NBC_UserAdvManager/trunk/main.inc.php
r6872 r6990 2 2 /* 3 3 Plugin Name: UserAdvManager 4 Version: 2.15. 64 Version: 2.15.7b 5 5 Description: Renforcer la gestion des utilisateurs - Enforce users management 6 6 Plugin URI: http://fr.piwigo.org/ext/extension_view.php?eid=216 … … 56 56 $conf_UAM = unserialize($conf['UserAdvManager']); 57 57 58 /* Admins and Guests are not tracked for Ghost Tracker or Users Tracker */59 if (!is_admin() and !is_a_guest() )58 /* Admins, Guests and Adult_Content users are not tracked for Ghost Tracker or Users Tracker */ 59 if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18") 60 60 { 61 61 if ((isset($conf_UAM[16]) and $conf_UAM[16] == 'true') or (isset($conf_UAM[19]) and $conf_UAM[19] == 'true')) … … 106 106 107 107 $conf_UAM = unserialize($conf['UserAdvManager']); 108 109 if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local')) 110 { 111 /* This is to send an information email and set user to "waiting" group or status until admin validation */ 112 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 113 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 114 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 115 } 116 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local')) 117 { 118 /* This is to set user to "wainting" group or status until admin validation */ 119 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 120 } 121 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'false')) 122 { 123 /* This is to send an information email without validation key */ 124 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 125 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 126 } 127 /* Sending registration confirmation by email */ 128 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true')) 129 { 130 if (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'true') 131 { 132 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 133 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 134 } 135 elseif (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'false') 136 { 108 109 // Exclusion of Adult_Content users 110 if ($register_user['username'] != "16" and $register_user['username'] != "18") 111 { 112 if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local') and ($register_user['username'] != "16" and $register_user['username'] != "18")) 113 { 114 /* This is to send an information email and set user to "waiting" group or status until admin validation */ 137 115 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 138 116 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 139 } 140 elseif (!is_admin()) 141 { 117 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 118 } 119 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local') and ($register_user['username'] != "16" and $register_user['username'] != "18")) 120 { 121 /* This is to set user to "waiting" group or status until admin validation */ 122 setgroup($register_user['id']);// Set to "waiting" group or status until admin validation 123 } 124 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'false') and ($register_user['username'] != "16" and $register_user['username'] != "18")) 125 { 126 /* This is to send an information email without validation key */ 142 127 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 143 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 128 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 129 } 130 /* Sending registration confirmation by email */ 131 elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true') and ($register_user['username'] != "16" and $register_user['username'] != "18")) 132 { 133 if (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'true') 134 { 135 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 136 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 137 } 138 elseif (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'false') 139 { 140 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 141 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false); 142 } 143 elseif (!is_admin()) 144 { 145 $passwd = (isset($_POST['password'])) ? $_POST['password'] : ''; 146 SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true); 147 } 144 148 } 145 149 } … … 161 165 162 166 163 / * Check users registration */167 // Check users registration 164 168 add_event_handler('register_user_check', 'UAM_RegistrationCheck', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); 165 169 … … 168 172 global $errors, $conf; 169 173 170 /* *********************************************************** */ 171 /* We need to reset the standard Piwigo's register controls */ 172 /* because the call of register_user_check trigger resets them */ 173 /* *********************************************************** */ 174 /* ********************************** */ 175 /* Standard Piwigo's username control */ 176 /* ********************************** */ 177 if ($_POST['login'] == '') 178 { 179 return l10n('reg_err_login1'); 180 } 181 if (preg_match('/^.* $/', $_POST['login'])) 182 { 183 return l10n('reg_err_login2'); 184 } 185 if (preg_match('/^ .*$/', $_POST['login'])) 186 { 187 return l10n('reg_err_login3'); 188 } 189 if (get_userid($_POST['login'])) 190 { 191 return l10n('reg_err_login5'); 192 } 193 194 if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') /* not the same email variable if we are on users registration page or on admin's user registration page */ 195 { 196 /* Email doblons check */ 197 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase 198 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name 199 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i'; 200 201 if (!preg_match($regex, $_POST['email'])) 202 { 203 return l10n('reg_err_mail_address'); 204 } 174 // Exclusion of Adult_Content users 175 if ($user['username'] != "16" and $user['username'] != "18") 176 { 177 // *********************************************************** 178 // We need to reset the standard Piwigo's register controls 179 // because the call of register_user_check trigger resets them 180 // *********************************************************** 181 // ********************************** 182 // Standard Piwigo's username control 183 // ********************************** 184 if ($_POST['login'] == '') 185 { 186 return l10n('reg_err_login1'); 187 } 188 if (preg_match('/^.* $/', $_POST['login'])) 189 { 190 return l10n('reg_err_login2'); 191 } 192 if (preg_match('/^ .*$/', $_POST['login'])) 193 { 194 return l10n('reg_err_login3'); 195 } 196 if (get_userid($_POST['login'])) 197 { 198 return l10n('reg_err_login5'); 199 } 200 201 if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list') // not the same email variable if we are on users registration page or on admin's user registration page 202 { 203 // Email doblons check 204 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase 205 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name 206 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i'; 207 208 if (!preg_match($regex, $_POST['email'])) 209 { 210 return l10n('reg_err_mail_address'); 211 } 205 212 206 $query = '213 $query = ' 207 214 SELECT count(*) 208 215 FROM '.USERS_TABLE.' 209 216 WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['email'].'\') 210 217 ;'; 211 list($count) = pwg_db_fetch_row(pwg_query($query));212 if ($count != 0)213 {214 return l10n('reg_err_mail_address_dbl');215 }216 }217 218 if (script_basename() == 'register') /* not the same email variable if we are on users registration page or on admin's user registration page*/219 {220 / * Email doblons check */221 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase222 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name223 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';224 225 if (!preg_match($regex, $_POST['mail_address']))226 {227 return l10n('reg_err_mail_address');228 }218 list($count) = pwg_db_fetch_row(pwg_query($query)); 219 if ($count != 0) 220 { 221 return l10n('reg_err_mail_address_dbl'); 222 } 223 } 224 225 if (script_basename() == 'register') // not the same email variable if we are on users registration page or on admin's user registration page 226 { 227 // Email doblons check 228 $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase 229 $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name 230 $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i'; 231 232 if (!preg_match($regex, $_POST['mail_address'])) 233 { 234 return l10n('reg_err_mail_address'); 235 } 229 236 230 $query = '237 $query = ' 231 238 SELECT count(*) 232 239 FROM '.USERS_TABLE.' 233 240 WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$_POST['mail_address'].'\') 234 241 ;'; 235 list($count) = pwg_db_fetch_row(pwg_query($query)); 236 if ($count != 0) 237 { 238 return l10n('reg_err_mail_address_dbl'); 239 } 240 } 241 /* ****************************************** */ 242 /* End of Piwigo's standard register controls */ 243 /* ****************************************** */ 244 245 246 /* ****************************************** */ 247 /* Here begins the advanced register controls */ 248 /* ****************************************** */ 249 $PasswordCheck = 0; 250 251 $conf_UAM = unserialize($conf['UserAdvManager']); 252 253 /* Password enforcement control */ 254 if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14])) 255 { 256 if (!empty($user['password']) and !is_admin()) 257 { 258 $PasswordCheck = testpassword($user['password']); 259 260 if ($PasswordCheck < $conf_UAM[14]) 261 { 262 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); 263 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]); 264 } 265 } 266 else if (!empty($user['password']) and is_admin() and isset($conf_UAM[15]) and $conf_UAM[15] == 'true') 267 { 268 $PasswordCheck = testpassword($user['password']); 269 270 if ($PasswordCheck < $conf_UAM[14]) 271 { 272 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); 273 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]); 274 } 275 } 276 } 277 278 /* Username without forbidden keys */ 279 if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and !empty($_POST['login']) and ValidateUsername($_POST['login']) and !is_admin()) 280 { 281 $_POST['login'] = ''; 282 return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_UAM[7]."'"); 283 } 284 285 /* Email without forbidden domains */ 286 if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']) and !is_admin()) 287 { 288 $_POST['mail_address'] = ''; 289 return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_UAM[12]."'"); 242 list($count) = pwg_db_fetch_row(pwg_query($query)); 243 if ($count != 0) 244 { 245 return l10n('reg_err_mail_address_dbl'); 246 } 247 } 248 // ****************************************** 249 // End of Piwigo's standard register controls 250 // ****************************************** 251 252 253 // ****************************************** 254 // Here begins the advanced register controls 255 // ****************************************** 256 $PasswordCheck = 0; 257 258 $conf_UAM = unserialize($conf['UserAdvManager']); 259 260 // Password enforcement control 261 if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14])) 262 { 263 if (!empty($user['password']) and !is_admin()) 264 { 265 $PasswordCheck = testpassword($user['password']); 266 267 if ($PasswordCheck < $conf_UAM[14]) 268 { 269 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); 270 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]); 271 } 272 } 273 else if (!empty($user['password']) and is_admin() and isset($conf_UAM[15]) and $conf_UAM[15] == 'true') 274 { 275 $PasswordCheck = testpassword($user['password']); 276 277 if ($PasswordCheck < $conf_UAM[14]) 278 { 279 $message = get_l10n_args('reg_err_login4_%s', $PasswordCheck); 280 return($lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14]); 281 } 282 } 283 } 284 285 // Username without forbidden keys 286 if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and !empty($_POST['login']) and ValidateUsername($_POST['login']) and !is_admin()) 287 { 288 $_POST['login'] = ''; 289 return($lang['reg_err_login1'] = l10n('reg_err_login6')."'".$conf_UAM[7]."'"); 290 } 291 292 // Email without forbidden domains 293 if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']) and ValidateEmailProvider($_POST['mail_address']) and !is_admin()) 294 { 295 $_POST['mail_address'] = ''; 296 return($lang['reg_err_login1'] = l10n('reg_err_login7')."'".$conf_UAM[12]."'"); 297 } 290 298 } 291 299 } … … 301 309 302 310 $conf_UAM = unserialize($conf['UserAdvManager']); 303 311 304 312 if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true')) 305 313 {
Note: See TracChangeset
for help on using the changeset viewer.
